BBC journalist Nick Robinson has confirmed that his X (formerly Twitter) account was hacked after he fell for a phishing scam. The attack led to his account being used to promote cryptocurrency scams.
How the Hack Happened
- Robinson clicked on a fraudulent email link, believing it was from X.
- The email claimed that his account had violated X’s policies and required urgent action.
- The email did not come from an official X address (e.g., @x.com).
- After clicking the link, he was locked out of his account, and his passwords were changed.
The Phishing Trap & Robinson’s Response
- Despite completing cybersecurity training, Robinson admitted he fell for the scam because he was tired and in a rush.
- He repeatedly tried to use X’s official website to fix the issue, but after multiple failures, he gave in.
- His account was then used to promote a fake cryptocurrency called “$Today” on the Solana blockchain.
- He warned users: “Don’t click on everything you see.”
Cybersecurity Expert’s Warning
According to Toby Lewis, a cybersecurity expert at Darktrace:
- Hackers target high-profile accounts using automated phishing emails.
- These emails are designed to trick users when they are busy or distracted.
- Best practice: Avoid clicking on links in emails—always verify messages directly on the platform.
Key Takeaways for Social Media Users
- Always verify the sender’s email address before clicking on any link.
- Avoid urgent-action emails claiming to prevent account suspension.
- Use official websites to check for security alerts.
- Enable two-factor authentication (2FA) for extra security.
